Hackers seized command of the petrochemical plant’s computerised control-and-safety system

Hackers seized command of the petrochemical plant’s computerised control-and-safety system, and it is believed they had the power to blow up the plant.

The cybercriminals used a piece of malware dubbed both ‘Triton’ and ‘Trisis’ by security experts, which was a malicious software program.

Brigadier General Danny Bren, the former commander of Israel’s cyber defence unit, who now advises major corporations said: “The creators of this attack created a weapon that can kill people.

“With something like that, you can create great danger to an oil rig, a refinery, a power station. In effect, you have built a bomb.”

The hackers infiltrated the safety system’s firmware and inserted a ‘Remote Access Trojan’ (RAT) which allowed them to go inside the computer system and issue instructions via a hidden, electronic “back door”.

The Triton malware was, however, detected because of a tiny flaw which caused part of the system to crash.

But despite this, the hackers are still out there, learning from their mistake according to Mr Bren.

Related articles

He said: “Triton represents the next generation of the cyber revolution.

“It’s going to have a big effect.”

Ongoing investigations have revealed that state-sponsored hacking is growing rapidly.

Mr Bren believes the sophistication of the attack suggests Triton was built by a state, possibly Iran, who are enemies of Saudi Arabia.

And experts believe RATs may already have infiltrated UK networks.

Ciaran Martin, director of the £1.9billion National Cyber Security Centre (NCSC), which was founded 15 months ago as an offshoot of GCHQ, warned that enemies of Britain are attempting to “preposition on critical national infrastructure so they can act with menace against us in times of tension”.

The biggest cyber-attacks, hacks and data breaches

Sat, May 13, 2017

From viruses to data breaches, cyber-crime is far from a modern invention – here is Express.co.uk’s list of some of the biggest attacks in history.

Getty Images

1 of 15

14 of the biggest cyber-attacks, hacks and data breaches in history

An NCSC official confirmed: “The Triton attack, while rare, is likely to be an example of attempted prepositioning.

“A key part of the NCSC’s mission is to ensure the UK is not susceptible to such attacks.”

Jeff Bardin, chief intelligence officer of US security firm Treadstone 71, which monitors state-sponsored hacking, said: “Triton is a combination of espionage and sabotage, and this kind of activity is widespread.

“It could lead to explosions, oil spills and other environmental disasters, and the problem is, we’re not geared up to look for it.

“The UK is using the same hardware and software as everyone else.

“Your nuclear plants are probably safe because their systems are built to a more secure standard.

GETTY

Hackers seized command of the petrochemical plant’s computerised control-and-safety system

“All other critical infrastructure is vulnerable.”

In 2010, the ‘Stuxnet’ attack, reportedly by Israel, immobilised Iran’s nuclear programme by destroying the sensitive centrifuges it used to improve uranium.

In 2012, a single employee clicking on an internet link triggered the collapse of Saudi oil giant Aramco’s entire IT network.

The hack, which like Triton was blamed on Iran, wiped data from 35,000 computers, which forced the firm to revert to typewriters and faxes for five months.

In December 2016, the Russian ‘Crash Override’ hack cut power to 100,000 Ukrainian homes.

Last year, the NCSC revealed that the “WannaCry” hack, which forced vital operations to be cancelled, was the work of North Korea.

GETTY

The cybercriminals used a piece of malware dubbed both ‘Triton’ and ‘Trisis’

Speaking to the Daily Mail the NCSC’s Ciaran Martin said: “The Government recognises the impact of cyber attacks as a major threat to the UK’s economic and national security. We defend ourselves as necessary, using whichever capability is most appropriate.”

Robert Hannigan, who stepped down as head of GCHQ last year, told the MoS: “Countries that mean us harm are co-operating with each other, sharing expertise, and using wider criminal groups.

“The overlap of crime and state actors is one of the most alarming developments of the past few years.”

He added: “The UK is better protected than most countries, but we are not invulnerable to these kinds of attacks.

“We have observed attempts by states to get into our national infrastructure for years.”